<?php
require_once ('../../libraryfiles/config.php');
$action = isset ( $_GET ['action'] ) ? $_GET ['action'] : '';
switch ($action) {	
	case 'add' :
		addBanner ();
		break;
	case 'edit' :
		editBanner ();
		break;
	case 'publish' :
		publishSelect ();
		break;
	
	case 'muliDelete' :
		muliDelete ();
		break;
	
	default :
		header ( 'Location:' . base_url_admin . '/banner/index.php' );
}
function addBanner() {
	$PathFileUpload = FRONT_SITE_DIR.DS.'images'.DS.'banners'.DS;
	if(!file_exists($PathFileUpload)){
		mkdir($PathFileUpload, 0777, true);
	}
	if (isset ( $_POST ["btnsave"] )) {
		$username = $_SESSION ['username'];
		$banner_title = ampReplace ( $_POST ['txttitle'] );
		$Linkimage = ampReplace ( $_POST ['txtaddlink'] );
		$description = ampReplace ( $_POST ['txtdescription'] );
		$datepost = date ( "Y-m-d" );
		$allowedExts = array (
				"gif",
				"jpeg",
				"jpg",
				"png" 
		);
		
		if (! filter_var ( $Linkimage, FILTER_VALIDATE_URL )) {
			setSession ( array (
					'title' => @$banner_title,
					'link' => @$Linkimage,
					'desc' => @$description 
			) );
			header ( 'Location:' . base_url_admin . '/banner/index.php?view=add&error=invalidurl' );
			exit ();
		}
		//$imagePath = '../../images/banners/';
		$temp = explode ( ".", $_FILES ["txtimage"] ["name"] );
		$extension = end ( $temp );
		$names = $_FILES["txtimage"]["name"];
		$temp = explode(".", $names);
		$filename = genRandomString(10) . '.' . end($temp);
		$url = (isset($_POST['txtaddlink'])?$_POST['txtaddlink']:'');
		if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i", $url)) {
			setSession(array('title'=>@$_POST['txttitle'],'link'=>@$_POST['txtaddlink'],'postdate'=>@$_POST['txtpost'],'enddate'=>@$_POST['txtendpost'],'enddate'=>@$_POST['txtendpost'],'desc'=>@$_POST['txtdescription'],'position'=>@$_POST['txtposition'],'page'=>@$_POST['txtpage']));
			header('location:'.base_url_admin.'/banner/index.php?view=add&error=invalid_url');
			exit();
		}
		if (!empty($filename )) {
			if (($_FILES ['txtimage'] ['type'] == "image/gif") || ($_FILES ["txtimage"] ["type"] == "image/jpeg") || ($_FILES ["txtimage"] ["type"] == "image/jpg") || ($_FILES ["txtimage"] ["type"] == "image/pjpeg") || ($_FILES ["txtimage"] ["type"] == "image/png") || ($_FILES ["txtimage"] ["size"] < 20000) && in_array ( $extension, $allowedExts )) {
				if (file_exists ( $imagePath . $_FILES ["txtimage"] ["name"] )) {
					$strInsert = "INSERT INTO tbl_banner(ban_img_upload,use_name,ban_title,ban_addlink,ban_description,ban_datepost) VALUES('" . $filename . "','" . $username . "','" . $banner_title . "','" . $Linkimage . "','" . $description . "','" . $datepost . "')";
					move_uploaded_file ( $_FILES ["txtimage"] ["tmp_name"], $PathFileUpload.$filename );
					mysql_query ( $strInsert ) or die ( 'Error with query insert.' . mysql_error () );
					header ( 'Location:' . base_url_admin . '/banner/index.php?message=add' );
					exit ();
				} else {
					clearSession ( array (
							'title',
							'link',
							'desc' 
					) );
					$strInsert = "INSERT INTO tbl_banner(ban_img_upload,use_name,ban_title,ban_addlink,ban_description,ban_datepost) VALUES('" . $filename . "','" . $username . "','" . $banner_title . "','" . $Linkimage . "','" . $description . "','" . $datepost . "')";
					move_uploaded_file ( $_FILES ["txtimage"] ["tmp_name"], $PathFileUpload . $filename);
					mysql_query ( $strInsert ) or die ( 'Error with query insert.' . mysql_error () );
					header ( 'Location:' . base_url_admin . '/banner/index.php?message=add' );
					exit ();
				}
				clearSession ( array (
				'title',
				'link',
				'desc'
						) );
			} else {
				header ( 'Location:' . base_url_admin . '/banner/index.php?view=add&error=invalid_file&title=' . $banner_title . '&link=' . $Linkimage . '&des=' . $description . '' );
				exit ();
			}
		} else {
			echo $filename;die;
			clearSession(array('title','link','desc'));
			$strInsert = "INSERT INTO tbl_banner(use_name,ban_title,ban_addlink,ban_description,ban_datepost) VALUES('" . $username . "','" . $banner_title . "','" . $Linkimage . "','" . $description . "','" . $datepost . "')";
			mysql_query ( $strInsert ) or die ( 'Error with query insert.' . mysql_error () );
			header ( 'Location:' . base_url_admin . '/banner/index.php?message=add' );
		}
	}
}


function editBanner() {
	if (isset ( $_POST ["btnsave"] )) {
		$username = $_SESSION ['username'];
		$id = isset ( $_POST ['hid'] ) ? $_POST ['hid'] : "";
		$banner_title = ampReplace ( $_POST ['txttitle'] );
		$Linkimage = ampReplace ( $_POST ['txtaddlink'] );
		$description = ampReplace ( $_POST ['txtdescription'] );
		$image = $_FILES ["txtimage"] ["name"];
		$datepost = date ( "Y-m-d" );
		$allowedExts = array (
				"gif",
				"jpeg",
				"jpg",
				"png" 
		);
		$temp = explode ( ".", $_FILES ["txtimage"] ["name"] );
		$extension = end ( $temp );
		$imagePath = '../../images/banners/';
		if (! filter_var ( $Linkimage, FILTER_VALIDATE_URL )) {
			header ( 'Location:' . base_url_admin . '/banner/index.php?view=edit&id=' . $id . '&errors=invalidurl' );
			exit ();
		}
		if (! empty ( $image )) {
			if (($_FILES ['txtimage'] ['type'] == "image/gif") || ($_FILES ["txtimage"] ["type"] == "image/jpeg") || ($_FILES ["txtimage"] ["type"] == "image/jpg") || ($_FILES ["txtimage"] ["type"] == "image/pjpeg") || ($_FILES ["txtimage"] ["type"] == "image/png") || ($_FILES ["txtimage"] ["size"] < 20000) && in_array ( $extension, $allowedExts )) {
				
				if (file_exists ( $imagePath . $_FILES ["txtimage"] ["name"] )) {
					$fname = random ( 5 ) . '-' . $image;
					move_uploaded_file ( $_FILES ["txtimage"] ["tmp_name"], "../../images/banners/" . $fname );
					$update = 'UPDATE ' . Tblbanner::tblbanner . ' SET 
																			' . Tblbanner::title . '= "' . $banner_title . '",
																			' . Tblbanner::link . '="' . $Linkimage . '",
																			' . Tblbanner::image . '="' . $fname . '",
																			' . Tblbanner::description . '="' . $description . '",
																			' . Tblbanner::user . '="' . $username . '",
																			' . Tblbanner::dateendpost . '="' . $datepost . '"
																			 WHERE ' . Tblbanner::id . '=' . $id;
					mysql_query ( $update ) or die ( 'Error with query update.' . mysql_error () );
				} else {
					$fname = $image;
					$update = 'UPDATE ' . Tblbanner::tblbanner . ' SET 
																			' . Tblbanner::title . '= "' . $banner_title . '",
																			' . Tblbanner::link . '="' . $Linkimage . '",
																			' . Tblbanner::image . '="' . $fname . '",
																			' . Tblbanner::description . '="' . $description . '",
																			' . Tblbanner::user . '="' . $username . '",
																			' . Tblbanner::dateendpost . '="' . $datepost . '"
																			 WHERE ' . Tblbanner::id . '=' . $id;
					
					move_uploaded_file ( $_FILES ["txtimage"] ["tmp_name"], $imagePath . $_FILES ["txtimage"] ["name"] );
					mysql_query ( $update ) or die ( 'Error with query update.' . mysql_error () );
				}
			} else {
				header ( 'Location:' . base_url_admin . '/banner/index.php?view=edit&id=' . $id . '&error=invalid_file' );
				exit ();
			}
		} else {
			$update = 'UPDATE ' . Tblbanner::tblbanner . ' SET 
																' . Tblbanner::title . '= "' . $banner_title . '",
																' . Tblbanner::link . '="' . $Linkimage . '",
																' . Tblbanner::description . '="' . $description . '",
																' . Tblbanner::user . '="' . $username . '",
																' . Tblbanner::dateendpost . '="' . $datepost . '"
																 WHERE ' . Tblbanner::id . '=' . $id;
			mysql_query ( $update ) or die ( 'Error with query update.' . mysql_error () );
		}
		header ( 'Location:' . base_url_admin . '/banner/index.php?message=edit' );
		exit ();
	}
}
// this is function for public and unpublic of banner
function publishSelect() {
	if (isset ( $_POST ['id'] )) {
		if (isset ( $_GET ['publish'] ) && ( int ) $_GET ['publish'] >= 0 && ( int ) $_GET ['publish'] <= 1) {
			$state = ( int ) $_GET ['publish'];
		} else {
			header ( 'Location:' . base_url_admin . '/banner/index.php' );
			exit ();
		}
		// Statement to get selected id
		$id = (is_array ( $_POST ['id'] )) ? implode ( ',', $_POST ['id'] ) : $_POST ['id'];
		
		// Statment to delete selected id
		$sql = "UPDATE tbl_banner SET ban_status = $state WHERE ban_id IN ($id)";
		mysql_query ( $sql );
	}
	header ( 'Location:' . base_url_admin . '/banner/index.php?message=publish' );
}
function muliDelete() {
	if (isset ( $_POST ['id'] )) {
		$ids = (is_array ( $_POST ['id'] )) ? implode ( ',', $_POST ['id'] ) : $_POST ['id'];
		$image = '';
		$sql = 'SELECT * FROM tbl_banner WHERE ban_id IN(' . $ids . ')';
		$img = mysql_query ( $sql );
		while ( $arr = mysql_fetch_array ( $img ) ) {
			$image = $arr ['ban_img_upload'];
			if (file_exists ( '../../images/banners/' . $image )) {
				unlink ( '../../images/banners/' . $image );
			}
		}
		$sql = 'DELETE FROM tbl_banner WHERE ban_id IN (' . $ids . ')';
		mysql_query ( $sql );
	}
	header ( 'Location:' . base_url_admin . '/banner/index.php?message=multidelete' );
}
?>